» setup.exe
Overview
Analysis
File Details
Programs (2)
Downloads (47)

setup.exe

Picasa Updater

Google Inc

This is a setup and installation application. This is installed with multiple programs including Picasa 2 and Picasa 3. The file has been seen being downloaded from dl.dropbox.com and multiple other hosts.

File name:

setup.exe

Publisher:

Google Inc. (signed by Google Inc)

Product:

Picasa Updater

Description:

Picasa

Version:

3.9.137.810

MD5:

48c539d4436f0ca806d9f0ce614e6c9b

SHA-1:

1daa273598553acdb8279383daf3ab46bc544466

SHA-256:

e8eea2a1812348dd07823d06fb8812c2fa603b0d42de706bc19a83b41aec2faf

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/27/2024 1:26:42 AM UTC (today)

File size:

16.8 MB (17,660,184 bytes)

Product version:

3.9.0

Original file name:

Picasa Updater

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\google\picasa2\update\lifescapeupdater\setup.exe

Digital Signature

Signed by:

Google Inc

Authority:

VeriSign, Inc.

Valid from:

11/14/2011 8:00:00 AM

Valid to:

11/14/2014 7:59:59 AM

Subject:

CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

09E28B26DB593EC4E73286B66499C370

File PE Metadata

Compilation timestamp:

1/7/2014 3:06:04 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

393216:QviUMOpVDsOYt2kMdbiy4iGWE6eDTLmy4:Qv3MOQQi9i9EtTLmP

Entry address:

0x6C21

Entry point:

E8, 30, 4B, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 33, C9, 3B, 04, CD, 70, 80, 41, 00, 74, 12, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0C, 6A, 0D, 58, C3, 8B, 04, CD, 74, 80, 41, 00, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, C3, E8, 54, 21, 00, 00, 85, C0, 75, 06, B8, D8, 81, 41, 00, C3, 83, C0, 08, C3, E8, 41, 21, 00, 00, 85, C0, 75, 06, B8, DC, 81, 41, 00, C3, 83, C0, 0C, C3, 56, E8, E7, FF, FF, FF, 8B, 4C, 24, 08, 51, 89, 08, E8, 8D, FF, FF, FF, 59, 8B, F0... 
[+]

Entropy:

7.9954 (probably packed)

Code size:

72 KB (73,728 bytes)

The file setup.exe has been discovered within the following programs.

Picasa 2 by Google Inc

Picasa is an image organizer and image viewer for organizing and editing digital photos, plus an integrated photo-sharing website. Picasa is 3 supports Windows XP, Windows Vista and Windows 7, and has Google+ integration for users of that service. Version 3.

www.picasa.com/support

6% remove it

Picasa 3 by Google Inc

Publisher's description - “Picasa can transfer, find, organize, edit, print, and share images, all with this easy-to-use product. Watch Picasa automatically organize all your pictures into elegant albums by date. Having all your photos in one place means no more time wasted searching for folders or files.”

www.picasa.com

6% remove it

The file setup.exe has been seen being distributed by the following 47 URLs.

https://dl.dropbox.com/u/.../picasa39-setup.exe

http://pliki.onet.pl/wyslij36592-1.html

http://113.171.224.203/.../public-update-3.9.137.81.exe

http://www.filehippo.com/download/file/.../

http://es.kioskea.net/download/.../descargar-77-picasa

http://www.slunecnice.cz/sw/picasa-3/stahnout/.../?m=97833e44152c580554fbd500cbd00d93&t=52e626e9

http://www.download-garage.com/?dl=1&dr=hd5C m0WedNyDK50IXDlfSDphXAmD3vpDZ0m rcWDK4m7dAWLngm7dREhKVuvmAWASDChTMm7dlChV8zNjiRAzCyAZamI3cWedtleX2JcmxWvm10hXtt7XxjIHxFcrVWvm1uhXtw r5jDK1l ExWvmN0hXt07XvEDXxWvmF0hXtpDCNJ Exl Ei6xH1YIKDTDK5y7dg6VH0mDXPwcj1Y7KNlIKxWvm5whXtPDHsJcdl0IKWufSDC2j1YDrVdIKNlfSDzcj1zcmAm2r0Wc32lDXimcHaWck1wIKNPcdnm7K2pDZ1fAzM3NZLROTc3NZn=&campaignId=9jn0ATL3AZMwAZMq

http://download.forest.impress.co.jp/pub/library/p/picasa/.../picasa39-setup.exe

http://full-install.info/?dl=1&pi=OZA1Nja4NTc0&osos=VdluDrW3cw==&dr=c3aW7mcm2r0Wc32lDXimcHaWck1wIKNPcdnmIT1zvm2yIKiWvmREhKVuvmNjhLlOvmNBDz1l QDjhTnmDZ0wvmNpDZ1fNZLyNT7FAZCRvm5EIKiWXzM1OTLRNTcwAjA=&pd=2323UEVwUK2J diu7dWt&campaignId=9jn0AznzAznyAZMq

http://soft.archive2.clubic.com/files/2f0493fa3ca0bc4fbe2eebdcd65c857d/52d58826/.../picasa_3-9-0-137-81_fr_12684.exe

http://szoftverhotel.hu/d.php?file=picasa_3.9.exe&p=1455007951.2441

http://www.filehippo.com/download/file/.../

http://www.myfree-app.com/?dl=1&dr=c3aW7mcm2r0Wc32lDXimcHaWck1wIKNPcdnmIT1zvm2yIKiWvmREhKVuvmNjhLlOvmNBDz1l QDjhTnmDZ0wvmNpDZ1fAzgzAjARATiRvm5EIKiWXz7zAT70NTAyNja=&campaignId=9jn0ATC1Nj70AZMq

https://downloader.disk.yandex.ua/disk/4219fddb975f4b58064f0af320fabfaee9b41cc2dcfe7b3af6feaf526a3155e7/56d32e8a/DJKJGOkcSJ1-YiMUvqxh461dyKaJDpzq_Qygj9aQn9DDM5BldGNxXNePFaw5PTer3AisRXmTgdA4QzL6a6gL5g==?uid=0&filename=setup.exe&disposition=attachment&hash=XpW4Z/ H/.../x-msdownload&fsize=17660184&hid=2ac34abf675df5f923292f685a86208a&media_type=executable&tknv=v2

http://besplatnovse.ru/go?http://dl.google.com/.../picasa39-setup.exe

http://softwareapp-pro.s3.amazonaws.com/uploads/program_file/file_url/181/.../picasa39-setup.exe

https://mc.gmx.net/data/reiki-oase@gmx.at/download/Neue Dateianlagen/.../picasa39-setup.exe

http://download.informer.com/.../picasa39-setup.exe

http://soft.archive1.clubic.com/files/1a155ae6e1760ca6a159cac34ff6e2cc/52d1e0bf/.../picasa_3-9-0-137-81_fr_12684.exe

http://www.filehippo.com/download/file/.../

http://www.techtudo.com.br/_/software/.../download

http://www.tamindir.com/indir/MjAxNC0wMS0wNyAxOTo0NTowNw==/picasa/.../3.9.0.137.74

http://fs34.filehippo.com/3825/.../picasa39-setup.exe

http://download.informer.com/.../picasa39-setup.exe

http://picasa.software.informer.com/.../

http://www.tamindir.com/indir/MjAxNC0wMy0wNSAxMDowMjoyOA==/picasa/.../3.9.0.137.74

http://www.commentcamarche.net/download/.../telecharger-147-picasa

Latest 30 of 47 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.